Security Vulnerabilities - CVEs Published In May 2022
Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2022-05-11
A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php.
CVSS Score: 9.8 | EPSS Score: 0.036 | Published: 2022-05-11
An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1.
CVSS Score: 8.8 | EPSS Score: 0.014 | Published: 2022-05-11
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
CVSS Score: 6.5 | EPSS Score: 0.422 | Published: 2022-05-11
In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number.
CVSS Score: 5.3 | EPSS Score: 0.365 | Published: 2022-05-11
In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
CVSS Score: 7.5 | EPSS Score: 0.84 | Published: 2022-05-11
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
CVSS Score: 6.5 | EPSS Score: 0.567 | Published: 2022-05-11
Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in /goform/setsystimecfg of /bin/tdhttpd in the ubif root file system: attackers can access http://ip/goform/SetSysTimeCfg and, by setting the ntpserve parameter, cause a stack buffer overflow that results in a router denial of service.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2022-05-11
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in the /mdiy/dict/listExcludeApp URI via the orderBy parameter.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2022-05-11
Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in the /mdiy/dict/list URI via the orderBy parameter.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2022-05-11